So I’ve read over several questions here about the pros and cons of using

Question

0

Asked: May 18, 20262026-05-18T00:29:10+00:00 2026-05-18T00:29:10+00:00

So I’ve read over several questions here about the pros and cons of using

0

So I’ve read over several questions here about the pros and cons of using only OpenID for your website/app. Every question I read seemed to be in the context of OpenID for your users/visitors. What I am considering is using it for the administrative portion of the web app as well.

Is this nuts?

It seems counter productive to go with OpenID only for the consumer facing portion of our web app (to both decrease dev time and reduce sign up friction) but then spend the time to build authentication/authorization system for the administrative portion of our app.

The administration with OpenID would be implemented with a white list in the DB so not just anybody could stumble into the admin area and start making changes.

I’ve also toyed with the idea of breaking the administration (FWIW it’s implemented as an ASP.NET MVC area) totally out of the app and into a secondary locked down VPN connection but that seems extreme.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-18T00:29:11+00:00

Editorial Team

2026-05-18T00:29:11+00:00Added an answer on May 18, 2026 at 12:29 am

I’ve done the same thing with OpenID. In my scenario a user has to be manually granted administrative privileges. But as far as infrastructure goes, everything else is identical to the way a typical user’s login works.

As long as you can trust the OpenID providers that your administrator(s) are using, then I think it’s reasonable enough to do this.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

So I’ve read over several questions here about the pros and cons of using

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply